The present invention relates to a method and system for verifying a security token, generated by a security token service, against a security policy description.
The emerging service oriented architecture (SOA) standard is based now on many specifications. The great number of specifications and the fact that new standards are being adopted frequently increase the complexity of infrastructure required to run the services.
Furthermore, security of services has given rise to various standards that have emerged to organize the security of web services in a service oriented architecture. However, security services and functional services (for example to provide a business result) are often implemented and deployed independently and discrepancies may exist between them.